Secure Service Accounts
Secure Service Accounts (SSAs) are accounts that allow integrations to securely authenticate using the service account. Using an SSA allows an integration to use a 3-legged access workflow instead of a 2-legged access workflow. This provides a more secure way to integrate with ACC and gives you control over the access and permissions of your integrations.
Each custom integration can be attached to a single SSA. Once attached, the SSA can then be invited to any project and the SSA's permissions can then be managed the same way a project administrator manages a project member's permissions. This gives you control over which projects the integration can access and the permissions to associated data in those projects.
For more information on creating SSAs, review the Secure Service Account API documentation.
Inviting SSAs to Projects
When an SSA is attached to a custom integration, it initially has no access to your account or projects. To grant access to the integration, the SSA must be invited to each project that you want the integration to have access to. Once invited, the SSA's permissions within the project can be managed the same way as any other project member's permissions, allowing you more granular control of the integration in each project.
- Open the project you want to invite the SSA to. In Project Admin, or a specific product that the integration is designed to work with.
- Invite the SSA using its email address by following the member invitation process.